SBA - Cybersecurity Engineer - Mid

Cybersecurity Engineer – Mid Job Description Position Title: Cybersecurity Engineer - Mid Program: SBA Enterprise Cybersecurity Services (ECS)Position Summary The Cybersecurity Engineer – Mid supports the Small Business Administration (SBA) Enterprise Cybersecurity Services (ECS) program by providing cybersecurity engineering, architecture, operational support, and technical implementation services aligned with enterprise security modernization initiatives. The Cybersecurity Engineer – Mid performs engineering and operational activities supporting cybersecurity infrastructure, cloud security, Zero Trust Architecture (ZTA), network security, endpoint security, vulnerability remediation, and enterprise security tool integration across SBA environments. The position supports secure design, implementation, maintenance, and continuous improvement of cybersecurity technologies supporting federal compliance requirements and enterprise mission objectives.Essential Duties and Responsibilities

• Provide cybersecurity engineering and technical implementation support for SBA ECS initiatives.
• Support Task Areas 3.5.4 and 3.5.4.5 by engineering, integrating, configuring, and maintaining enterprise cybersecurity technologies and security architectures.
• Assist with implementation and sustainment of Zero Trust Architecture (ZTA) initiatives aligned with NIST SP 800-207 and OMB M-22-09.
• Support cloud security engineering activities across Microsoft Azure, AWS, Microsoft 365, Dynamics 365, and SaaS environments.
• Engineer and maintain security controls supporting NIST SP 800-53, RMF, FISMA, FedRAMP, and SBA cybersecurity requirements.
• Support secure system design reviews, security architecture assessments, and technical security evaluations.
• Assist with deployment, configuration, integration, and optimization of cybersecurity tools including SIEM, EDR, vulnerability management, IDS/IPS, MFA, and security monitoring platforms.
• Perform vulnerability analysis, remediation validation, system hardening, and security configuration assessments.
• Support development and maintenance of cybersecurity engineering documentation, system diagrams, implementation guides, SOPs, and technical procedures.
• Collaborate with cybersecurity architects, SOC analysts, ISSOs, system administrators, cloud engineers, and program managers to implement enterprise security solutions.
• Provide technical support for incident response, forensic analysis, root cause investigations, and cybersecurity operations activities.
• Assist with automation, scripting, orchestration, and cybersecurity workflow optimization initiatives.
• Participate in continuous monitoring activities, log analysis, configuration reviews, and security compliance validation efforts.
• Support implementation of secure network architectures, segmentation strategies, access control solutions, and encryption technologies.
• Assist with engineering support for vulnerability scanning platforms, patch management solutions, and cybersecurity tool integrations.
• Provide technical recommendations to improve cybersecurity posture, operational efficiency, resilience, and risk mitigation.
• Support system security plan development, architecture documentation, and control implementation descriptions.
• Participate in technical working groups, engineering reviews, change control activities, and cybersecurity governance initiatives.
• Support modernization initiatives involving DevSecOps, automation, AI-enabled cybersecurity capabilities, and cloud transformation.
• Ensure engineering activities align with federal cybersecurity guidance, SBA standards, and enterprise security policies.

Minimum Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, Information Systems, or related discipline. Relevant experience may substitute for degree requirements.
• Minimum of 5 years of experience supporting cybersecurity engineering, system security engineering, network security, cloud security, or federal cybersecurity operations.
• Experience implementing and maintaining enterprise cybersecurity technologies and security controls.
• Knowledge of NIST RMF, NIST SP 800-53, FISMA, FedRAMP, Zero Trust Architecture, and federal cybersecurity requirements.
• Experience supporting Microsoft Azure, AWS, Microsoft 365, or hybrid cloud security environments.
• Experience with cybersecurity tools such as SIEM, EDR, IDS/IPS, vulnerability scanners, endpoint security, and identity management platforms.
• Understanding of network security principles, system hardening, vulnerability management, encryption, and secure configuration management.
• Experience with scripting or automation technologies such as PowerShell, Python, Bash, or orchestration platforms preferred.
• Strong analytical, troubleshooting, communication, and technical documentation skills.
• Ability to support multiple cybersecurity engineering initiatives in a dynamic operational environment.
• Experience supporting federal agencies or government cybersecurity environments preferred.

Preferred Certifications

• Certified Information Systems Security Professional (CISSP)
• CompTIA Security+
• Certified Ethical Hacker (CEH)
• GIAC Security Certifications
• Microsoft Certified: Azure Security Engineer Associate
• AWS Certified Security – Specialty
• Certified Cloud Security Professional (CCSP)
• Cisco CyberOps or CCNP Security
• GIAC Certified Incident Handler (GCIH)
• Certified Information Security Manager (CISM)

Apply tot his job Apply To this Job